In 2014, the Federal Communications Commission (FCC) proposed rules that defined an edge provider as an “individual or entity that provides any content, application, or service over the Internet, and any individual or entity that provides a device used for accessing any content, application, or service over the Internet.”

The proposed legislation was put forth in advance of next month’s deadline for compliance with the European Union’s General Data Protection Regulation (GDPR), which governs how entities handle EU citizens’ data.

And to hammer home its significance, the senators introduced the bill while Facebook Chief Executive Mark Zuckerberg was testifying in front of Congress about the revelation that data firm Cambridge Analytica used Facebook data to target more than 87 million users in the 2018 US election.

The CONSENT Act draws from GDPR, particularly in how it seeks to protect customer data. The act mandates that the FTC require edge providers to:

Notify users about all collection, use and sharing of users’ personal information.

Notify users in the event of a breach.

Is the US adopting EU privacy practices?

European regulators have long tangled with Facebook over its data privacy practices, but US law has stayed mostly silent, with no federally mandated laws governing the general collection and use of consumer data on the books at this time. But there is some legislation, like the Children’s Online Privacy Protection Act (COPPA), which protects the privacy of children under 13.

And American companies that handle any European citizens’ data are bound to comply with laws governing that data, including the GDPR.

“The startling consumer abuses by Facebook and other tech giants necessitate swift legislative action rather than overdue apologies and hand-wringing,” Blumenthal said in a post announcing the move. “Our privacy bill of rights is built on a simple philosophy that will return autonomy to consumers: affirmative informed consent. Consumers deserve the opportunity to opt in to services that might mine and sell their data — not to find out their personal information has been exploited years later.”

About The Author

Robin Kurzer started her career as a daily newspaper reporter in Milford, Connecticut. She then made her mark on the advertising and marketing world in Chicago at agencies such as Tribal DDB and Razorfish, creating award-winning work for many major brands. For the past seven years, she’s worked as a freelance writer and communications professional across a variety of business sectors.